author Vanessa Maegima <vanessa.maegima@nxp.com> 2020-02-13 12:09:57 -0300
committer Ye Li <ye.li@nxp.com> 2020-04-26 23:36:43 -0700
commit decbde4eb67c2c8d7077f6406e6001215d2b69d6 (patch)
tree dc01d4beae4fcbc226168e8073a2abe2e9c1a118 /doc
parent 8c42c40db4883b5eb75e48d5a37c377013a618e4 (diff)
MLK-23583 doc: imx: habv4: Consolidate mx8m documentation
Old documentation styling mentioned all iMX8M devices variants (iMX8M, iMX8MM, iMX8MN) for every SoC reference. As the secure/encrypted boot procedure is similar for all the variants (including iMX8MP), make this information common for the whole iMX8M family to keep the documentation clean instead of adding iMX8MP on every reference. Specific information for single variants is described when needed.

Signed-off-by: Vanessa Maegima <vanessa.maegima@nxp.com>
Reviewed-by: Ye Li <ye.li@nxp.com>
(cherry picked from commit 24c72869a608ffbcce908770953a6d87514f2253)
Diffstat (limited to 'doc')
-rw-r--r-- doc/imx/habv4/csf_examples/mx8m/csf_fit.txt (renamed from doc/imx/habv4/csf_examples/mx8m_mx8mm/csf_fit.txt) 0
-rw-r--r-- doc/imx/habv4/csf_examples/mx8m/csf_fit_enc.txt (renamed from doc/imx/habv4/csf_examples/mx8m_mx8mm/csf_fit_enc.txt) 0
-rw-r--r-- doc/imx/habv4/csf_examples/mx8m/csf_fit_sign_enc.txt (renamed from doc/imx/habv4/csf_examples/mx8m_mx8mm/csf_fit_sign_enc.txt) 0
-rw-r--r-- doc/imx/habv4/csf_examples/mx8m/csf_spl.txt (renamed from doc/imx/habv4/csf_examples/mx8m_mx8mm/csf_spl.txt) 0
-rw-r--r-- doc/imx/habv4/csf_examples/mx8m/csf_spl_enc.txt (renamed from doc/imx/habv4/csf_examples/mx8m_mx8mm/csf_spl_enc.txt) 0
-rw-r--r-- doc/imx/habv4/csf_examples/mx8m/csf_spl_sign_enc.txt (renamed from doc/imx/habv4/csf_examples/mx8m_mx8mm/csf_spl_sign_enc.txt) 0
-rw-r--r-- doc/imx/habv4/guides/mx8m_encrypted_boot.txt (renamed from doc/imx/habv4/guides/mx8m_mx8mm_encrypted_boot.txt) 23
-rw-r--r-- doc/imx/habv4/guides/mx8m_secure_boot.txt (renamed from doc/imx/habv4/guides/mx8m_mx8mm_secure_boot.txt) 50
-rw-r--r-- doc/imx/habv4/introduction_habv4.txt 2
9 files changed, 37 insertions, 38 deletions
diff --git a/doc/imx/habv4/csf_examples/mx8m_mx8mm/csf_fit.txt b/doc/imx/habv4/csf_examples/mx8m/csf_fit.txt
index d9218ab431..d9218ab431 100644
--- a/doc/imx/habv4/csf_examples/mx8m_mx8mm/csf_fit.txt
+++ b/doc/imx/habv4/csf_examples/mx8m/csf_fit.txt
diff --git a/doc/imx/habv4/csf_examples/mx8m_mx8mm/csf_fit_enc.txt b/doc/imx/habv4/csf_examples/mx8m/csf_fit_enc.txt
index be0b353084..be0b353084 100644
--- a/doc/imx/habv4/csf_examples/mx8m_mx8mm/csf_fit_enc.txt
+++ b/doc/imx/habv4/csf_examples/mx8m/csf_fit_enc.txt
diff --git a/doc/imx/habv4/csf_examples/mx8m_mx8mm/csf_fit_sign_enc.txt b/doc/imx/habv4/csf_examples/mx8m/csf_fit_sign_enc.txt
index 9a41c8bb40..9a41c8bb40 100644
--- a/doc/imx/habv4/csf_examples/mx8m_mx8mm/csf_fit_sign_enc.txt
+++ b/doc/imx/habv4/csf_examples/mx8m/csf_fit_sign_enc.txt
diff --git a/doc/imx/habv4/csf_examples/mx8m_mx8mm/csf_spl.txt b/doc/imx/habv4/csf_examples/mx8m/csf_spl.txt
index 39adf7a3eb..39adf7a3eb 100644
--- a/doc/imx/habv4/csf_examples/mx8m_mx8mm/csf_spl.txt
+++ b/doc/imx/habv4/csf_examples/mx8m/csf_spl.txt
diff --git a/doc/imx/habv4/csf_examples/mx8m_mx8mm/csf_spl_enc.txt b/doc/imx/habv4/csf_examples/mx8m/csf_spl_enc.txt
index de71710e6c..de71710e6c 100644
--- a/doc/imx/habv4/csf_examples/mx8m_mx8mm/csf_spl_enc.txt
+++ b/doc/imx/habv4/csf_examples/mx8m/csf_spl_enc.txt
diff --git a/doc/imx/habv4/csf_examples/mx8m_mx8mm/csf_spl_sign_enc.txt b/doc/imx/habv4/csf_examples/mx8m/csf_spl_sign_enc.txt
index b1b8db1a62..b1b8db1a62 100644
--- a/doc/imx/habv4/csf_examples/mx8m_mx8mm/csf_spl_sign_enc.txt
+++ b/doc/imx/habv4/csf_examples/mx8m/csf_spl_sign_enc.txt
diff --git a/doc/imx/habv4/guides/mx8m_mx8mm_encrypted_boot.txt b/doc/imx/habv4/guides/mx8m_encrypted_boot.txt
index cac6c0d7ca..58b7224bd9 100644
--- a/doc/imx/habv4/guides/mx8m_mx8mm_encrypted_boot.txt
+++ b/doc/imx/habv4/guides/mx8m_encrypted_boot.txt
@@ -1,28 +1,27 @@
+======================================================+
- + i.MX8M, i.MX8MM Encrypted Boot guide using HABv4 +
+ + i.MX8M family Encrypted Boot guide using HABv4 +
+======================================================+
1. HABv4 Encrypted Boot process
-------------------------------
This document describes a step-by-step procedure on how to encrypt and sign a
-bootloader image for i.MX8M, i.MX8MM, i.MX8MN family devices. It is assumed
-that the reader is familiar with basic HAB concepts and has already closed
-the device, step-by-step procedure can be found in mx8m_mx8mm_secure_boot.txt
-guide.
+bootloader image for i.MX8M family devices. It is assumed that the reader is
+familiar with basic HAB concepts and has already closed the device, step-by-step
+procedure can be found in mx8m_secure_boot.txt guide.
Details about encrypted boot can be found in application note AN12056[1] and
in the introduction_habv4.txt document.
The steps described in this document were based in i.MX8MM device, the same
-concept can be applied to i.MX8M and i.MX8MN family devices.
+concept can be applied to other i.MX8M family devices.
1.1 Understanding the encrypted flash.bin image layout
------------------------------------------------------
-As described in mx8m_mx8mm_secure_boot.txt guide a single binary is used
-to boot the device, the imx-mkimage tool combines all the input images in
-a FIT structure, generating a flash.bin binary.
+As described in mx8m_secure_boot.txt guide a single binary is used to boot the
+device, the imx-mkimage tool combines all the input images in a FIT structure,
+generating a flash.bin binary.
The encrypted boot image requires a DEK (Data Encryption Key) blob on each time
HABv4 is used to decrypt an image. The DEK blob is used as a security layer to
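Review bot: the re-wrapped sentence on the added lines still joins two sentences with a comma ("has already closed the device, step-by-step procedure can be found in mx8m_secure_boot.txt guide"). As these lines are being rewritten anyway, split it: "... has already closed the device. The step-by-step procedure can be found in the mx8m_secure_boot.txt guide." The unchanged context line "were based in i.MX8MM device" could become "are based on the i.MX8MM device" in the same pass.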
@@ -77,7 +76,7 @@ by following one of the methods below:
- Defconfig
- CONFIG_SECURE_BOOT=y
+ CONFIG_IMX_HAB=y
CONFIG_FAT_WRITE=y
CONFIG_CMD_DEKBLOB=y
CONFIG_IMX_OPTEE_DEK_ENCAP=y
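Review bot: the switch from CONFIG_SECURE_BOOT=y to CONFIG_IMX_HAB=y in the Defconfig list is a Kconfig symbol rename, not part of the family-name consolidation the commit message describes. Mention the rename in the commit message, or move it to its own patch, so that someone searching the history for when the documented symbol changed can find it.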
@@ -127,8 +126,8 @@ TrustZone secure world we must encapsulate the blobs using OP-TEE.
1.5 Preparing the fit image
----------------------------
-As explained in mx8m_mx8mm_secure_boot.txt document the imx-mkimage project is
-used to combine all the images in a single flash.bin binary.
+As explained in mx8m_secure_boot.txt document the imx-mkimage project is used to
+combine all the images in a single flash.bin binary.
Copy all the binaries generated (U-Boot images, bl31.bin, tee.bin and Firmware)
into iMX8M directory and run the following commands according to the target
diff --git a/doc/imx/habv4/guides/mx8m_mx8mm_secure_boot.txt b/doc/imx/habv4/guides/mx8m_secure_boot.txt
index f7be3e6985..1292f87415 100644
--- a/doc/imx/habv4/guides/mx8m_mx8mm_secure_boot.txt
+++ b/doc/imx/habv4/guides/mx8m_secure_boot.txt
@@ -1,23 +1,23 @@
- +=======================================================+
- + i.MX8M, i.MX8MM Secure Boot guide using HABv4 +
- +=======================================================+
+ +=====================================================+
+ + i.MX8M family Secure Boot guide using HABv4 +
+ +=====================================================+
1. HABv4 secure boot process
-----------------------------
This document describes a step-by-step procedure on how to sign and securely
-boot a bootloader image on i.MX8M and i.MX8MM devices. It is assumed that
-the reader is familiar with basic HAB concepts and with the PKI tree generation.
+boot a bootloader image on i.MX8M family devices. It is assumed that the reader
+is familiar with basic HAB concepts and with the PKI tree generation.
Details about HAB can be found in the application note AN4581[1] and in the
introduction_habv4.txt document.
-1.1 Understanding the i.MX8M and i.MX8MM flash.bin image layout
-----------------------------------------------------------------
+1.1 Understanding the i.MX8M family flash.bin image layout
+----------------------------------------------------------
Due to the new the architecture, multiple firmwares and softwares are required
-to boot i.MX8M and i.MX8MM devices. In order to store all the images in a
-single binary the FIT (Flattened Image Tree) image structure is used.
+to boot i.MX8M family devices. In order to store all the images in a single
+binary the FIT (Flattened Image Tree) image structure is used.
The final image is generated by the imx-mkimage project, the tool combines all
the input images in a FIT structure, generating a flash.bin image with an
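Review bot: the context line "Due to the new the architecture, multiple firmwares and softwares are required" sits directly above the re-wrapped lines and has a doubled "the". As the paragraph is being touched, fix it to "Due to the new architecture" in this patch rather than carrying the typo into the renamed file.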
@@ -61,17 +61,16 @@ file are covered by a digital signature.
------- +-----------------------------+ --------
* Only supported on i.MX8M series
-The boot flow on i.MX8M and i.MX8MM devices are slightly different when compared
-with i.MX6 and i.MX7 series, the diagram below illustrate the boot sequence
-overview:
+The boot flow on i.MX8M devices are slightly different when compared with i.MX6
+and i.MX7 series, the diagram below illustrate the boot sequence overview:
-- i.MX8M and i.MX8MM devices boot flow:
+- i.MX8M boot flow:
Secure World Non-Secure World
|
|
+------------+ +------------+ |
- | SPL | | i.MX 8M/MM | |
+ | SPL | | i.MX 8M | |
| + | ---> | ROM | |
| DDR FW | | + HAB | |
+------------+ +------------+ |
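Review bot: the added sentence "The boot flow on i.MX8M devices are slightly different ... the diagram below illustrate" keeps the subject-verb disagreements of the old text and drops "family", unlike the other references rewritten in this patch. Suggest "The boot flow on i.MX8M family devices is slightly different when compared with the i.MX6 and i.MX7 series. The diagram below illustrates the boot sequence overview:", with the same "family" wording in the "- i.MX8M boot flow:" label.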
@@ -103,11 +102,11 @@ overview:
* Only supported on i.MX8M series
** Optional
-On i.MX8M devices the HDMI firmware or DisplayPort firmware are the first image
-to boot on the device. These firmwares are signed and distributed by NXP, and
-are always authenticated regardless of security configuration. In case not
-required by the application the HDMI or DisplayPort controllers can be disabled
-by eFuses and the firmwares are not required anymore.
+Particularly on the i.MX8M, the HDMI firmware or DisplayPort firmware are the
+first image to boot on the device. These firmwares are signed and distributed by
+NXP, and are always authenticated regardless of security configuration. In case
+not required by the application the HDMI or DisplayPort controllers can be
+disabled by eFuses and the firmwares are not required anymore.
The next images are not signed by NXP and users should follow the signing
procedure as described in this document.
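Review bot: "Particularly on the i.MX8M" now uses for a single SoC the same name the rest of the guide uses for the whole family, and the footnote "* Only supported on i.MX8M series" has the same problem. A reader cannot tell from the text that the NXP-signed HDMI or DisplayPort firmware concerns one variant only. Name that variant unambiguously, for example with the i.MX8MQ name the fuse section used before this patch.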
@@ -133,12 +132,12 @@ similar to i.MX6 and i.MX7 series the U-Boot provides extra functions for
HAB, such as the HAB status logs retrievement through the hab_status command
and support to extend the root of trust.
-The support is enabled by adding the CONFIG_SECURE_BOOT to the build
+The support is enabled by adding the CONFIG_IMX_HAB to the build
configuration:
- Defconfig:
- CONFIG_SECURE_BOOT=y
+ CONFIG_IMX_HAB=y
- Kconfig:
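Review bot: only the Defconfig entry is visibly updated to CONFIG_IMX_HAB=y; whatever follows the "- Kconfig:" label lies past the hunk boundary and is not changed by this patch. Please confirm that the menu path listed there still leads to the renamed option, otherwise a reader following the Kconfig route will not find it.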
@@ -270,8 +269,9 @@ The current NXP BSP implementation expects the CAAM registers to be unlocked
when configuring CAAM to operate in non-secure TrustZone world.
The Unlock command is already included by default in the signed HDMI and
-DisplayPort firmwares, on i.MX8MM devices or in case the HDMI or DisplayPort
-controllers are disabled, users must ensure this command is included in SPL CSF.
+DisplayPort firmwares. On i.MX8MM, i.MX8MN and i.MX8MP devices or in case the
+HDMI or DisplayPort controllers are disabled in i.MX8M, users must ensure this
+command is included in SPL CSF.
- Add Unlock MID command in csf_spl.txt:
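Review bot: the added sentence enumerates "i.MX8MM, i.MX8MN and i.MX8MP", which reintroduces the per-variant list this patch removes elsewhere and will need editing again for the next variant. State the condition instead: users must include the Unlock command in the SPL CSF whenever the signed HDMI or DisplayPort firmware is not part of the boot image. Also, "disabled in i.MX8M" should read "disabled on i.MX8M".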
@@ -353,7 +353,7 @@ The U-Boot fuse tool can be used for programming eFuses on i.MX SoCs.
0x831C8117
0x1190FD4D
-- Program SRK_HASH[255:0] fuses on i.MX8MQ and i.MX8MM devices:
+- Program SRK_HASH[255:0] fuses on i.MX8M family devices:
=> fuse prog 6 0 0x20593752
=> fuse prog 6 1 0x6ACE6962
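Review bot: changing the heading from "i.MX8MQ and i.MX8MM devices" to "i.MX8M family devices" extends the "fuse prog 6 0 ..." bank and word addresses to i.MX8MN and i.MX8MP as well. eFuse programming cannot be undone, so please confirm that SRK_HASH[255:0] is located in bank 6 on every family member, or keep an explicit device list on this heading.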
@@ -397,7 +397,7 @@ process, and is achieved by programming the SEC_CONFIG[1] fuse bit.
Once the fuse is programmed, the chip does not load an image that has not been
signed using the correct PKI tree.
-- Program SEC_CONFIG[1] fuse on i.MX8MQ and i.MX8MM devices:
+- Program SEC_CONFIG[1] fuse on i.MX8M family devices:
=> fuse prog 1 3 0x2000000
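Review bot: with the heading widened to "i.MX8M family devices", the command "fuse prog 1 3 0x2000000" is presented as correct for every variant. Confirm that bank 1 word 3 holds SEC_CONFIG[1] on all of them, since the context lines state that a closed chip no longer loads an image not signed with the correct PKI tree. Writing the value as 0x02000000, padded to eight digits like the SRK_HASH words, would also make the bit position harder to misread.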
diff --git a/doc/imx/habv4/introduction_habv4.txt b/doc/imx/habv4/introduction_habv4.txt
index 25711bbe95..c728eb8546 100644
--- a/doc/imx/habv4/introduction_habv4.txt
+++ b/doc/imx/habv4/introduction_habv4.txt
@@ -12,7 +12,7 @@ to authenticate and/or decrypt the program image by using cryptography
operations.
This feature is supported in i.MX 50, i.MX 53, i.MX 6, i.MX 7 series and
- i.MX 8M, i.MX 8MM devices.
+i.MX 8M family (i.MX 8M, i.MX 8MM, i.MX 8MN, i.MX 8MP devices).
Step-by-step guides are available under doc/imx/habv4/guides/ directory,
users familiar with HAB and CST PKI tree generation should refer to these
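Review bot: in the added line the word "devices" sits inside the parenthesis, so the sentence ends "i.MX 8M family (i.MX 8M, i.MX 8MM, i.MX 8MN, i.MX 8MP devices)." Suggest "i.MX 8M family devices (i.MX 8M, i.MX 8MM, i.MX 8MN, i.MX 8MP)." As this is the one place the patch spells out what the family contains, the two guides could point to it where they first say "i.MX8M family".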